cpe:/a:openbsd:openssh:6.0 cpe:/a:openbsd:openssh:6.1 cpe:/a:openbsd:openssh:6.2 cpe:/a:openbsd:openssh:6.3 cpe:/a:openbsd:openssh:6.4 cpe:/a:openbsd:openssh:6.5 cpe:/a:oracle:communications_user_data_repository:10.0.1 CVE-2014-2532 2014-03-18T01:18:19.000-04:00 2018-07-18T21:29:01.077-04:00 5.8 NETWORK MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2016-04-25T13:57:36.037-04:00 SECTRACK 1029925 SECUNIA 57488 SECUNIA 57574 SECUNIA 59313 SECUNIA 59855 BID 66355 APPLE APPLE-SA-2015-09-30-3 DEBIAN DSA-2894 FEDORA FEDORA-2014-6380 FEDORA FEDORA-2014-6569 HP HPSBUX03188 MANDRIVA MDVSA-2014:068 MANDRIVA MDVSA-2015:095 REDHAT RHSA-2014:1552 HP SSRT101487 UBUNTU USN-2155-1 MLIST [security-announce] 20140315 Announce: OpenSSH 6.6 released CONFIRM http://advisories.mageia.org/MGASA-2014-0143.html CONFIRM http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html CONFIRM https://support.apple.com/HT205267 XF openssh-cve20142532-sec-bypass(91986) sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.